Twitter has said it has 'no evidence' that Donald Trump's account was hacked, after a Dutch security researcher claimed he accessed the president's account using the password 'maga2020!' and shared a satirical Babylon Bee article.
Victor Gevers, a Dutch government worker and leader of non-profit GDI.Foundation which exposes data breaches to the public, said he managed to guess Trump's Twitter password after seven attempts and post something from his account.
Gevers also said Trump had no extra securities in place such as two-factor authentication to prevent hackers accessing his account.
The shock revelation comes four years after Gevers along with two other Dutch ethical hackers allegedly managed to break into Trump's account just three weeks before the 2016 election.
Twitter has denied the hacker's claims saying there is 'no evidence' of a breach of the president's account.
Victor Gevers, a Dutch government worker and leader of non-profit GDI.Foundation which exposes data breaches to the public (pictured), said he managed to guess Trump's Twitter password after seven attempts and accessed his account
Twitter has said it has 'no evidence' that Donald Trump's account was hacked, after Gevers claimed he accessed the president's account using the password 'maga2020!' and shared a satirical Babylon Bee article
Gevers told the Dutch news outlet VN he accessed Trump's Twitter account on October 16 after he decided to check the account was safe from cyber attack.
'I always run random checks. Whenever someone is in the news, I monitor. I ran a check on the Biden, Pence and Harris accounts,' he said.
'Anyone receiving media attention is a potential target and deserves protection. Regardless of who they are.'
Gevers said he noticed that Trump's account had its two-factor-authentication disabled.
All verified or 'blue tick' accounts have a mandatory two-factor-authentication where a code is sent to another device when a log in is attempted in order to verify that the person trying to access the account is genuine.
The hacker tried seven different passwords including: 'yourefired', '!IWillAmericaGreatAgain!', 'MakeAmericaGreatAgain', 'MakeAmericaGreatAgain!', 'Maga2020', 'Maga2020!' and 'maga2020!'
Gevers said the last attempt - 'maga2020!' - was correct giving him access to Trump's account including all of his direct messages and Twitter history.
Access would also grant the user the ability to change Trump's password, his profile picture and post tweets purporting to be the president.
The hacker appeared to take credit for a tweet on October 16 where Trump's account shared a satirical Babylon Bee article (above)
Gevers suggested to VN that he posted a tweet from Trump's account to draw the president's attention to the lack of security on his account.
The hacker appeared to take credit for a tweet on October 16 where Trump shared a satirical Babylon Bee article.
'Twitter Shuts Down Entire Network To Slow Spread Of Negative Biden News https://babylonbee.com/news/twitter-shuts-down-entire-network-to-slow-spread-of-negative-biden-news via @TheBabylonBee,' Trump's account tweeted on October 16.
'Wow, this has never been done in history. This includes his really bad interview last night. Why is Twitter doing this. Bringing more attention to Sleepy Joe & Big T.'
Babylon Bee is a satirical website that, while being pro-Trump, markets itself as being unapologetically fake news.
Trump's tweet appearing to believe the fictitious story immediately sparked news reports questioning whether he was aware of this fact.
Gevers stopped short of confirming he was behind the tweet but he posted a now-removed tweet suggesting his involvement.
'It started six years ago. And hopefully, it will be the last time in 2020,' he wrote.
'Please switch on two-factor authentication on all your accounts.'
Gevers stopped short of confirming he was behind the tweet but he posted a now-removed tweet suggesting his involvement
'I am not saying I did it. But what if I was the one to post the tweet?' he told VN.
'Then Trump will need to either admit to never having read the Babylon Bee article and posting this bullshit tweet, OR he will need to acknowledge that someone else posted the tweet.'
The Babylon Bee tweet still exists on Trump's account.
Gevers claimed he also checked on Hunter Biden's account, trying out previously leaked passwords and finding that they were incorrect or had been changed.
The hacker said he tried to contact the White House and Trump directly to warn him about his lack of security.
The day after the hack, Trump's account had reactivated the two-step verification and the Secret Service late contacted Gevers thanking him for drawing their attention to the risk, he said.
However Twitter has cast doubt on the claims saying in a statement there was 'no evidence' of the activity.
'We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government.'
In 2016, Gevers and two other hacker friends known as Mattijs and Edwin also correctly guessed Trump's password was 'yourefired' and accessed his account just three weeks before the election
This marks the second time the ethical hacker has allegedly managed to access Trump's account.
In 2016, Gevers and two other hacker friends known as Mattijs and Edwin reportedly correctly guessed his password was 'yourefired' and accessed his account.
The password related to the Trump's catchphrase from his stint on Celebrity Apprentice.
On this occasion Gevers told VN they covered their tracks and discreetly warned the president 'he had his digital fly open'.
He said the White House never acknowledged his warning and many have cast doubt on his claims.
Gevers is well-known in the hacker community preventing multiple security breaches by exposing weaknesses on the internet.
In February 2019, his organization exposed the SenseNets data breach.
Facial recognition company SenseNets had left a cache open exposing data relating to the real-time tracking of Xinjiang Muslims.
More than 2.5 million records including names and addresses, ID card numbers, dates of birth and passport photographs were exposed.
Additionally, 6.5 million records relating to the people's GPS locations over the last 24 hours were also available in the breach.
Gevers also exposed the 'breed ready' database in China which contained personal information including 'breed ready' status on 1.8 million woman aged 15 to 32.